intercept_strlen.cc revision 2d1fdb26e458c4ddc04155c1d421bced3ba90cd0
12d1fdb26e458c4ddc04155c1d421bced3ba90cd0Stephen Hines// RUN: %clangxx_asan -O0 %s -Fe%t 22d1fdb26e458c4ddc04155c1d421bced3ba90cd0Stephen Hines// RUN: not %run %t 2>&1 | FileCheck %s 32d1fdb26e458c4ddc04155c1d421bced3ba90cd0Stephen Hines 42d1fdb26e458c4ddc04155c1d421bced3ba90cd0Stephen Hines#include <stdio.h> 52d1fdb26e458c4ddc04155c1d421bced3ba90cd0Stephen Hines#include <string.h> 62d1fdb26e458c4ddc04155c1d421bced3ba90cd0Stephen Hines 72d1fdb26e458c4ddc04155c1d421bced3ba90cd0Stephen Hinesint main() { 82d1fdb26e458c4ddc04155c1d421bced3ba90cd0Stephen Hines char str[] = "Hello"; 92d1fdb26e458c4ddc04155c1d421bced3ba90cd0Stephen Hines if (5 != strlen(str)) 102d1fdb26e458c4ddc04155c1d421bced3ba90cd0Stephen Hines return 1; 112d1fdb26e458c4ddc04155c1d421bced3ba90cd0Stephen Hines 122d1fdb26e458c4ddc04155c1d421bced3ba90cd0Stephen Hines printf("Initial test OK\n"); 132d1fdb26e458c4ddc04155c1d421bced3ba90cd0Stephen Hines fflush(0); 142d1fdb26e458c4ddc04155c1d421bced3ba90cd0Stephen Hines// CHECK: Initial test OK 152d1fdb26e458c4ddc04155c1d421bced3ba90cd0Stephen Hines 162d1fdb26e458c4ddc04155c1d421bced3ba90cd0Stephen Hines str[5] = '!'; // Losing '\0' at the end. 172d1fdb26e458c4ddc04155c1d421bced3ba90cd0Stephen Hines int len = strlen(str); 182d1fdb26e458c4ddc04155c1d421bced3ba90cd0Stephen Hines// CHECK: AddressSanitizer: stack-buffer-overflow on address [[ADDR:0x[0-9a-f]+]] 192d1fdb26e458c4ddc04155c1d421bced3ba90cd0Stephen Hines// FIXME: Should be READ of size 1, see issue 155. 202d1fdb26e458c4ddc04155c1d421bced3ba90cd0Stephen Hines// CHECK: READ of size {{[0-9]+}} at [[ADDR]] thread T0 212d1fdb26e458c4ddc04155c1d421bced3ba90cd0Stephen Hines// CHECK: strlen 222d1fdb26e458c4ddc04155c1d421bced3ba90cd0Stephen Hines// CHECK-NEXT: main {{.*}}intercept_strlen.cc:[[@LINE-5]] 232d1fdb26e458c4ddc04155c1d421bced3ba90cd0Stephen Hines// CHECK: Address [[ADDR]] is located in stack of thread T0 at offset {{.*}} in frame 242d1fdb26e458c4ddc04155c1d421bced3ba90cd0Stephen Hines// CHECK-NEXT: main {{.*}}intercept_strlen.cc 252d1fdb26e458c4ddc04155c1d421bced3ba90cd0Stephen Hines// CHECK: 'str' <== Memory access at offset {{.*}} overflows this variable 262d1fdb26e458c4ddc04155c1d421bced3ba90cd0Stephen Hines return len < 6; 272d1fdb26e458c4ddc04155c1d421bced3ba90cd0Stephen Hines} 28